<?php
session_start();
mysql_set_charset('utf8');
$id=$_SESSION['UserName'];

$noteid[0]=$_POST['1'];
$noteid[1]=$_POST['2'];
$noteid[2]=$_POST['3'];

$point[0]=$_POST['name1'];
$point[1]=$_POST['name2'];
$point[2]=$_POST['name3'];

$dbh = new PDO('mysql:dbname=orb;host=localhost', 'root', '');

for($i=0;$i<3;$i++){
	$sql = "select UserName,RatedCount,Point from orb.Notes where NoteId='".$noteid[$i]."'";
	$array=$dbh->query($sql);
	$rc=0;
	$p=0;
	$username="";
	foreach($array as $row){
		$rc=$row['RatedCount'];
		$p=$row['Point'];
		$username=$row['UserName'];
	}
		
	$p=$p+$point[$i];
	$rc=$rc+1;
		
	$sql= "update orb.Notes set RatedCount=".$rc.",Point=".$p." where NoteId='".$noteid[$i]."'";
	$dbh->query($sql);
	
	$sql = "select Point from orb.Accounts where UserName='".$id."'";
	$array=$dbh->query($sql);
	foreach($array as $row){
		$p=$row['Point'];
	}
	$p=$p+30;
	$sql= "update orb.Accounts set Point=".$p." where UserName='".$id."'";
	$dbh->query($sql);
}

// MySQLに対する処理

header("Location: http://hacksteam-a.dnuts.jp/mypage.php");
$dbh=null;
?>